How do you secure a website using CloudFlare Secure SSL?

How do you secure a website using CloudFlare Secure SSL?

As Cloudflare states:

You can generate a signed certificate directly in the Cloudflare dashboard.

Some people will get stuck after that. So it’s actually pretty easy (but not exactly intuitive or without a lot of trial and error). Go to the “Crypto” tab in the CF dashboard and generate (Create Origin Certificate) the 2 files needed to put on your server in a .pem format (I use NGINX) so you define a path to the 2 files, one is cert.pem and the other is privkey.pem. You can make those files in an easy to find directory on your machine, I just make them /A1ssl in the root in a folder for the specific site, like /A1ssl/thissiteorthatsite. In the empty .pem files directly paste (or into notepad for safekeeping or temp hold) EXACTLY including the first hypen to the last one.

After you’ve created the keys they are what does the handshaking all the way from your host machine (Origin) to the browser or api that’s making the request. Again Cloudflare is not worried about your setup or the file path, they are using their powerful brokering power to authenticate all this for free.

NB: In the crypto section you see a dropdown for “Off, Flexible, Full & Full/Strict”. The guide I’ve just written here works at the highest setting (full/strict) which is the desirable choice over other options. Rest assured you can host a full blown ecommerce site like this, it may not be the coveted EV cert but those are pricey as heck anyway. Enjoy !!